Forward port debian 0.2.0.26-rc-1 to trunk

svn:r14933
author: Peter Palfrader <peter@palfrader.org> 2008-06-04 08:39:02 +0000
committer: Peter Palfrader <peter@palfrader.org> 2008-06-04 08:39:02 +0000
commit: 81429fdc348d4171053c96a203399d5598165ac9 (patch)
tree: d70b56fce551e0560530c7fa31f44ba2dcb405b4 /debian/tor.NEWS
parent: 00405468aad5b94e3325aa19424482422e31a471 (diff)
download: tor-81429fdc348d4171053c96a203399d5598165ac9.tar.gz
tor-81429fdc348d4171053c96a203399d5598165ac9.zip
1 files changed, 16 insertions, 0 deletions
diff --git a/debian/tor.NEWS b/debian/tor.NEWS
new file mode 100644
index 0000000000..18860ccaae
--- /dev/null
+++ b/debian/tor.NEWS
@@ -0,0 +1,16 @@
+tor (0.2.0.26-rc-1) experimental; urgency=critical
+
+  * weak cryptographic keys
+
+    It has been discovered that the random number generator in Debian's
+    openssl package is predictable.  This is caused by an incorrect
+    Debian-specific change to the openssl package (CVE-2008-0166).  As a
+    result, cryptographic key material may be guessable.
+
+    See Debian Security Advisory number 1571 (DSA-1571) for more information:
+    http://lists.debian.org/debian-security-announce/2008/msg00152.html
+
+    If you run a Tor server using this package please see
+    /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY
+
+ -- Peter Palfrader <weasel@debian.org>  Tue, 13 May 2008 12:49:05 +0200
author	Peter Palfrader <peter@palfrader.org>	2008-06-04 08:39:02 +0000
committer	Peter Palfrader <peter@palfrader.org>	2008-06-04 08:39:02 +0000
commit	81429fdc348d4171053c96a203399d5598165ac9 (patch)
tree	d70b56fce551e0560530c7fa31f44ba2dcb405b4 /debian/tor.NEWS
parent	00405468aad5b94e3325aa19424482422e31a471 (diff)
download	tor-81429fdc348d4171053c96a203399d5598165ac9.tar.gz tor-81429fdc348d4171053c96a203399d5598165ac9.zip